bumperoffers.to Open in urlscan Pro
2606:4700:3037::6815:5437 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bumperoffers.to/Rel/
Submission Tags: @phish_report
Submission: On November 03 via api (November 3rd 2023, 3:21:52 pm UTC) from FI — Scanned from FI

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 2606:4700:3037::6815:5437, located in United States and belongs to CLOUDFLARENET, US. The main domain is bumperoffers.to.
TLS certificate: Issued by GTS CA 1P5 on October 15th 2023. Valid for: 3 months.

This is the only time bumperoffers.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700:303... 2606:4700:3037::6815:5437	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	20.85.30.134 20.85.30.134	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	5

5 2606:4700:3037::6815:5437 (United States)

ASN13335 (CLOUDFLARENET, US)

bumperoffers.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.85.30.134 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

j.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 827 j.clarity.ms — Cisco Umbrella Rank: 18693 c.clarity.ms — Cisco Umbrella Rank: 1405	27 KB
5	bumperoffers.to bumperoffers.to	18 MB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 236	764 B
10	3

	Domain	Requested by
5	bumperoffers.to	bumperoffers.to
2	c.clarity.ms	1 redirects
2	j.clarity.ms	www.clarity.ms
2	www.clarity.ms	bumperoffers.to www.clarity.ms
1	c.bing.com	1 redirects
10	5

This site contains no links.

Subject Issuer	Validity	Valid
bumperoffers.to GTS CA 1P5	`2023-10-15` - `2024-01-13`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://bumperoffers.to/Rel/
Frame ID: 11F369CD853B4253A4F11A52A65D21ED
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Lucky Cashback Point

Page Statistics

10
Requests

90 %
HTTPS

60 %
IPv6

3
Domains

5
Subdomains

5
IPs

2
Countries

18640 kB
Transfer

18691 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F559D3CEA3E3445AB4DF9364CE0B4860&RedC=c.clarity.ms&MXFR=1E0AAA208A6761E127B1B99E8E676F1D HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F559D3CEA3E3445AB4DF9364CE0B4860&MUID=332EB234F5EE6F640157A18AF43C6E29

10 HTTP transactions
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response bumperoffers.to/Rel/	42 KB 28 KB	261ms 151ms	Document text/html	2606:4700:3037::6815:5437 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bumperoffers.to/Rel/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:5437 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `751ad5d863559896c04b2da8af125d4e91890a67f47928340bfcc8849f5a355c` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 82059bd54e585f03-ARN content-encoding br content-type text/html date Fri, 03 Nov 2023 15:21:44 GMT last-modified Fri, 03 Nov 2023 06:08:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEyy%2FUn9RtzLvNwdkR2lpJ7jGOdd8yswcXII4wmOjDPnJ%2Bu5qb5wS9%2BWxKKjVUX%2FbJ8yQVRD%2Fk1d%2FfC2ltQ4k3%2B9QvLZ4gf6b1Sgf4ZB0f17JABGLcfDmlFUuQ8DHKbNqkcocdb5lZ7dKKshQ7w%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-turbo-charged-by LiteSpeed
GET H2	200	style.css bumperoffers.to/Rel/css/	2 KB 916 B	58ms 56ms	Stylesheet text/css	2606:4700:3037::6815:5437 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bumperoffers.to/Rel/css/style.css Requested by Host: bumperoffers.to URL: https://bumperoffers.to/Rel/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:5437 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2f11004b5e7ded5174cc1a4c1d49b6ea46b783963235ef6f9bca4b65139057fd` Request headers accept-language fi-FI,fi;q=0.9 Referer https://bumperoffers.to/Rel/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Fri, 03 Nov 2023 15:21:44 GMT content-encoding br cf-cache-status HIT last-modified Thu, 05 Oct 2023 14:05:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5472 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bzfefVgxQLgcOuIC9xtP096klK3SK7vgWJt1HzkFeY2TzRKzC4%2B5j14R8QMn6Lg4kBcQMjPUtjHSwBdh7ej3VVzNWy7G237QfIvE5AeJIKdzSXQkawfoypyQZ%2BiWs2gmI8S4zK17eQ6Lfe%2Brjfo%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 82059bd658735f03-ARN alt-svc h3=":443"; ma=86400 expires Fri, 10 Nov 2023 13:50:32 GMT
GET H2	200	Head.gif bumperoffers.to/Rel/Graphics/	5 MB 5 MB	73ms 72ms	Image image/gif	2606:4700:3037::6815:5437 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bumperoffers.to/Rel/Graphics/Head.gif Requested by Host: bumperoffers.to URL: https://bumperoffers.to/Rel/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:5437 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `13f1d80b4fae633be4e1d9628fbcd5aeba0b149deae429873a898da8030804d1` Request headers accept-language fi-FI,fi;q=0.9 Referer https://bumperoffers.to/Rel/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Fri, 03 Nov 2023 15:21:44 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5472 alt-svc h3=":443"; ma=86400 content-length 4756786 last-modified Fri, 27 Oct 2023 05:12:03 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43RLPp9wZitgP5egYZ0W01xgKAcweK0fLqdJreIov5DWxV3IheqqjH1CkZAWbDzNc8cSHPSEZyq0Ay3U3WvtUqqTY2iOeRpeEszHqpt7EG%2F8ffp96jK%2BKZ4HuJkCZAGygXvt206LzWz%2Bv64bMjY%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 82059bd658755f03-ARN expires Fri, 10 Nov 2023 13:50:32 GMT
GET H2	200	scr1.gif bumperoffers.to/Rel/Graphics/	11 MB 11 MB	63ms 62ms	Image image/gif	2606:4700:3037::6815:5437 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bumperoffers.to/Rel/Graphics/scr1.gif Requested by Host: bumperoffers.to URL: https://bumperoffers.to/Rel/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:5437 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cb8879265ef113fd0805b3fd4eee79e42170c8e633f2d1f1a4b5eb32e87dea69` Request headers accept-language fi-FI,fi;q=0.9 Referer https://bumperoffers.to/Rel/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Fri, 03 Nov 2023 15:21:44 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5472 alt-svc h3=":443"; ma=86400 content-length 11779915 last-modified Tue, 31 Oct 2023 05:44:35 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2zXVK489BHO6AB650al6xW2brlVvbPOSUh2dovBCUFRHoam4lb0VaOAutr2zIoUMcG0Bj3Q5f0DHUcQlRQMX75EZlYLMLsoX3GPjJH6BR88T5vMs%2BBG5xzL7i1Kbuyi9Ap0nBDgOVrjWYN%2BAs4%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 82059bd658765f03-ARN expires Fri, 10 Nov 2023 13:50:32 GMT
GET H2	200	Foot.gif bumperoffers.to/Rel/Graphics/	2 MB 2 MB	84ms 84ms	Image image/gif	2606:4700:3037::6815:5437 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bumperoffers.to/Rel/Graphics/Foot.gif Requested by Host: bumperoffers.to URL: https://bumperoffers.to/Rel/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:5437 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `dbbba58f418c25f52d0298d9365c45aa487773755b9432d7ddae50830274671e` Request headers accept-language fi-FI,fi;q=0.9 Referer https://bumperoffers.to/Rel/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Fri, 03 Nov 2023 15:21:44 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5472 alt-svc h3=":443"; ma=86400 content-length 2471128 last-modified Fri, 27 Oct 2023 05:20:21 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7eqe1HgdrPtC2gI87YIrvbM9CXFYThrLr6SD1mnkmxpiGJAAZLX%2FbpyWsOpTwiORItCRJZbEYqZ5hevOJNSqss8v5SlAjTNyaN%2FZa%2BdiWuydQiMFE9dgfhCAqD62O%2FCMmPaM7fN5%2FOqSe2ndno%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 82059bd6a92a5f03-ARN expires Fri, 10 Nov 2023 13:50:32 GMT
GET H2	200	jhai3ikgc4 Show response www.clarity.ms/tag/	650 B 1012 B	316ms 153ms	Script application/x-javascript	2620:1ec:bdf::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/tag/jhai3ikgc4 Requested by Host: bumperoffers.to URL: https://bumperoffers.to/Rel/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `cdad9e63b0ce8da761c8229b0ec091dbbc891c130ffdace435e4e5526b97b548` Request headers accept-language fi-FI,fi;q=0.9 Referer https://bumperoffers.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers expires -1 date Fri, 03 Nov 2023 15:21:45 GMT x-azure-ref 20231103T152144Z-e1udwpqg712796en2qwnzfu8qc000000013g00000000up5d x-cache CONFIG_NOCACHE content-type application/x-javascript cache-control no-cache, no-store accept-ranges bytes content-length 650 request-context appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
GET DATA	200 OK	truncated /	23 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `3981ce8ce8573703ddf2a9a76942158a5b758810efe8482f3c18362d20ff8b1a` Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `d195b2bdfffd3e66d1b80920a94ebad44b309472388034cb7e374c0c82fde23b` Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Content-Type image/png
GET H2	200	clarity.js Show response www.clarity.ms/s/0.7.13/	59 KB 25 KB	149ms 146ms	Script application/javascript	2620:1ec:bdf::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/s/0.7.13/clarity.js Requested by Host: www.clarity.ms URL: https://www.clarity.ms/tag/jhai3ikgc4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `74e69ccf2f5cb32c175e328707c515fc9116ddd5cb3c92882d9bd53d3a742d63` Request headers accept-language fi-FI,fi;q=0.9 Referer https://bumperoffers.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Fri, 03 Nov 2023 15:21:45 GMT content-encoding br last-modified Tue, 17 Oct 2023 11:58:02 GMT etag W/"0x8DBCF0850CC9F3D" vary Accept-Encoding x-azure-ref 20231103T152145Z-e1udwpqg712796en2qwnzfu8qc000000013g00000000up69 content-type application/javascript;charset=utf-8 access-control-allow-origin * x-ms-request-id f29c946c-301e-0062-2b3d-0cecfc000000 cache-control public, max-age=86400 x-cache TCP_HIT x-ms-version 2018-03-28
POST H/1.1	204 No Content	collect Show response j.clarity.ms/	0 295 B	705ms 139ms	XHR text/plain	20.85.30.134 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://j.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.13/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept application/x-clarity-gzip Referer https://bumperoffers.to/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Access-Control-Allow-Origin https://bumperoffers.to Date Fri, 03 Nov 2023 15:21:45 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 (Ubuntu) Connection keep-alive Vary Origin Request-Context appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
GET H2	200	c.gif c.clarity.ms/ Redirect Chain https://c.clarity.ms/c.gif https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F559D3CEA3E3445AB4DF9364CE0B4860&RedC=c.clarity.ms&MXFR=1E0AAA208A6761E127B1B99E8E676F1D https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F559D3CEA3E3445AB4DF9364CE0B4860&MUID=332EB234F5EE6F640157A18AF43C6E29	42 B 444 B	71ms 71ms	Image image/gif	68.219.88.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F559D3CEA3E3445AB4DF9364CE0B4860&MUID=332EB234F5EE6F640157A18AF43C6E29 Protocol H2 Server 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12` Request headers accept-language fi-FI,fi;q=0.9 Referer https://bumperoffers.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Fri, 03 Nov 2023 15:21:45 GMT last-modified Wed, 30 Aug 2023 19:01:41 GMT server Microsoft-IIS/10.0 etag "8d59566974dbd91:0" x-powered-by ASP.NET content-type image/gif p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control private, no-cache, proxy-revalidate, no-store accept-ranges bytes content-length 42 Redirect headers pragma no-cache date Fri, 03 Nov 2023 15:21:45 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: A91AEAF915034A3D82F234FF085E634B Ref B: FRAEDGE1210 Ref C: 2023-11-03T15:21:46Z x-powered-by ASP.NET x-cache CONFIG_NOCACHE p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" location https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F559D3CEA3E3445AB4DF9364CE0B4860&MUID=332EB234F5EE6F640157A18AF43C6E29 cache-control private, no-cache, proxy-revalidate, no-store content-length 0
POST H/1.1	204 No Content	collect Show response j.clarity.ms/	0 295 B	141ms 141ms	XHR text/plain	20.85.30.134 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://j.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.13/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept application/x-clarity-gzip Referer https://bumperoffers.to/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Access-Control-Allow-Origin https://bumperoffers.to Date Fri, 03 Nov 2023 15:21:46 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 (Ubuntu) Connection keep-alive Vary Origin Request-Context appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| clarity

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.clarity.ms/	1970-01-21 00:42:40	Name: CLID Value: f3016add1a044d2a942249f14007184c.20231103.20241102
.bumperoffers.to/	1970-01-21 00:42:40	Name: _clck Value: 1ee6d5o\|2\|fge\|0\|1402
.bumperoffers.to/	1970-01-20 15:58:31	Name: _clsk Value: tyva0i\|1699024906073\|1\|1\|j.clarity.ms/collect
.bing.com/	1970-01-21 01:18:40	Name: MUID Value: 332EB234F5EE6F640157A18AF43C6E29
.c.bing.com/	1970-01-20 16:07:09	Name: MR Value: 0
.c.bing.com/	1970-01-21 01:18:40	Name: SRM_B Value: 332EB234F5EE6F640157A18AF43C6E29
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 01:18:40	Name: MUID Value: 332EB234F5EE6F640157A18AF43C6E29
.c.clarity.ms/	1970-01-20 16:07:09	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 15:57:05	Name: ANONCHK Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bumperoffers.to
c.bing.com
c.clarity.ms
j.clarity.ms
www.clarity.ms
20.85.30.134
2606:4700:3037::6815:5437
2620:1ec:bdf::45
2620:1ec:c11::200
68.219.88.97
13f1d80b4fae633be4e1d9628fbcd5aeba0b149deae429873a898da8030804d1
2f11004b5e7ded5174cc1a4c1d49b6ea46b783963235ef6f9bca4b65139057fd
3981ce8ce8573703ddf2a9a76942158a5b758810efe8482f3c18362d20ff8b1a
74e69ccf2f5cb32c175e328707c515fc9116ddd5cb3c92882d9bd53d3a742d63
751ad5d863559896c04b2da8af125d4e91890a67f47928340bfcc8849f5a355c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
cb8879265ef113fd0805b3fd4eee79e42170c8e633f2d1f1a4b5eb32e87dea69
cdad9e63b0ce8da761c8229b0ec091dbbc891c130ffdace435e4e5526b97b548
d195b2bdfffd3e66d1b80920a94ebad44b309472388034cb7e374c0c82fde23b
dbbba58f418c25f52d0298d9365c45aa487773755b9432d7ddae50830274671e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

bumperoffers.to Open in urlscan Pro 2606:4700:3037::6815:5437 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

10 Requests

90 %HTTPS

60 %IPv6

3 Domains

5 Subdomains

5 IPs

2 Countries

18640 kBTransfer

18691 kBSize

10 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

10 Cookies

Indicators

bumperoffers.to Open in urlscan Pro
2606:4700:3037::6815:5437 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

90 %
HTTPS

60 %
IPv6

3
Domains

5
Subdomains

5
IPs

2
Countries

18640 kB
Transfer

18691 kB
Size

10
Cookies

10 HTTP transactions
2 data transactions